Re: [Last-Call] Secdir last call review of draft-ietf-ipsecme-ikev2-auth-announce-06
Valery Smyslov <svan@elvis.ru> Mon, 01 April 2024 13:37 UTC
Return-Path: <svan@elvis.ru>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F175BC14F6FE; Mon, 1 Apr 2024 06:37:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=elvis.ru
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YfKui5zmmdLO; Mon, 1 Apr 2024 06:37:42 -0700 (PDT)
Received: from dpmail.elvis.ru (dpmail.elvis.ru [93.188.44.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99F26C14F6FB; Mon, 1 Apr 2024 06:37:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=elvis.ru; s=mail; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID: Date:Subject:In-Reply-To:References:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=QZq8Y76U8Az7MVfYKqq9L8LTQUYrZywGgNjDooN7TBE=; b=lQMOe4NcgeZgnxDT8o03uce5/E lVKL3DDtLwzuBInhnYIJgcxFj70kBsQaOUa4QfR1wJA5h3zS1b5Ee2LQ5+7JWdzUyn8Hl3PNE2DhJ ZXaA3qvprGTzNyycWGhQER2OHDHS7PIsbig3LoZv9ZaKFukGAJl6vy/vEQi1e17OBCWA=;
Received: from kmail2.elvis.ru ([93.188.44.210]) by dpmail.elvis.ru with esmtp (Exim 4.89) (envelope-from <svan@elvis.ru>) id 1rrHqy-0003sn-5C; Mon, 01 Apr 2024 16:37:36 +0300
Received: from mail.office.elvis.ru ([10.111.1.29]) by kmail2.elvis.ru with esmtp (Exim 4.94.2) (envelope-from <svan@elvis.ru>) id 1rrHqx-00A57l-UP; Mon, 01 Apr 2024 16:37:35 +0300
Received: from MAIL16.office.elvis.ru (10.111.1.29) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1779.2; Mon, 1 Apr 2024 16:37:35 +0300
Received: from BuildPC (10.111.10.33) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server id 15.1.1779.2 via Frontend Transport; Mon, 1 Apr 2024 16:37:35 +0300
From: Valery Smyslov <svan@elvis.ru>
To: 'Rifaat Shekh-Yusef' <rifaat.s.ietf@gmail.com>, secdir@ietf.org
CC: draft-ietf-ipsecme-ikev2-auth-announce.all@ietf.org, ipsec@ietf.org, last-call@ietf.org
References: <171182022719.29877.1686113240622771941@ietfa.amsl.com>
In-Reply-To: <171182022719.29877.1686113240622771941@ietfa.amsl.com>
Date: Mon, 01 Apr 2024 16:37:35 +0300
Message-ID: <03f801da8439$c1a4b450$44ee1cf0$@elvis.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQDadOVIJOvEpJyIJoX0pokDKN15i7NTHL7g
Content-Language: ru
X-CrossPremisesHeadersFilteredBySendConnector: MAIL16.office.elvis.ru
X-OrganizationHeadersPreserved: MAIL16.office.elvis.ru
X-Spam-Scanner: Rspamd work in kmail2.elvis.ru, WHITELIST
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Status: not scanned, disabled by settings
X-KLMS-AntiPhishing: Clean, bases: 2023/02/21 22:47:00
X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30, bases: 2023/02/21 21:02:00 #20887462
X-KLMS-AntiVirus-Status: Clean, skipped
X-Spam-Scanner: Rspamd work in dpmail.elvis.ru, WHITELIST
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/OkZxFI6Qn2n7zow95k3Tn6pLHkE>
Subject: Re: [Last-Call] Secdir last call review of draft-ietf-ipsecme-ikev2-auth-announce-06
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2024 13:37:47 -0000
Hi Rifaat, thank you for your review. Please, see inline. > Reviewer: Rifaat Shekh-Yusef > Review result: Has Issues > > # Section 3.1 > > * The description of the exchange seems odd, as it starts with the responder, > instead of the initiator. I suggest that the description of the exchange starts with > the initiator, followed by the responder. OK, I've added the following sentence: The initiator starts the IKE_SA_INIT exchange as usual. > * I think it would make it easier for the reader if you explicitly describe the new > notify payload. How about adding the following text to the beginning of section 3.1? > > "This specification introduces a new IKE_SA_INIT packets Notify payload of type > SUPPORTED_AUTH_METHODS. This payload is utilized to convey the supported > authentication methods of the party sending the message, thereby facilitating the > negotiation of authentication mechanisms during IKE SA establishment." Text in the Section 3 is changed to: When establishing IKE SA each party may send a list of authentication methods it supports and is configured to use to its peer. For this purpose this specification introduces a new Notify Message Type SUPPORTED_AUTH_METHODS. The Notify payload with this Notify Message Type is utilized to convey the supported authentication methods of the party sending it. The sending party may additionally specify that some of the authentication methods are only for use with the particular trust anchors. Upon receiving this information the peer may take it into consideration while selecting an algorithm for its authentication if several alternatives are available. > * "Since the responder sends the SUPPORTED_AUTH_METHODS notification in > the IKE_SA_INIT exchange, it must take care that the size of the response > message wouldn't grow too much so that IP fragmentation takes place." > > Is this limited to the responder? or should the initiator too take that into > considerations? It is not limited to the responder in general, but in the context of this document it is the responder who is going to send a message that could be fragmented at IP level. Usually the response is smaller than the request. In this case it can be larger and thus the responder should take care of IP fragmentation. > # Section 5 > > Second paragraph: I guess the potential for downgrade attack is not limited to the > NULL use case. If one of the supported methods is consider to be weaker than the > others, then an active attacker in the path could force the parties to use that > weaker method. This is not a "downgrade" in a common sense. Downgrade assumes that there is a negotiation between the peers and an attacker may influence this process forcing peers to use weaker option. In IKEv2 authentication methods are not negotiated. This specification doesn't provide negotiation too, since each party still chooses what it thinks is appropriate on its own. It only allows peers to select authentication method more consciously. Regards, Valery.
- Re: [Last-Call] Secdir last call review of draft-… Valery Smyslov
- [Last-Call] Secdir last call review of draft-ietf… Rifaat Shekh-Yusef via Datatracker
- Re: [Last-Call] Secdir last call review of draft-… Rifaat Shekh-Yusef
- Re: [Last-Call] Secdir last call review of draft-… Valery Smyslov
- Re: [Last-Call] Secdir last call review of draft-… Rifaat Shekh-Yusef